auditd

There are 1 repository under auditd topic.

bfuzzy / auditd-attack
A Linux Auditd rule set mapped to MITRE's Attack Framework
auditd attack-detection mitre-attack threat-hunting linux
778
laurel
threathunters-io / laurel
Transform Linux Audit logs for SIEM usage
audispd auditd linux rust
Language:Rust 672
wagga40 / Zircolite
A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
auditd detection evtx evtxtract forensics forensics-tools pysigma python3 sigma sigma-rules sysmon
Language:Python 621
konstruktoid / ansible-role-hardening
Ansible role to apply a security baseline. Systemd edition.
almalinux amazon-linux ansible auditd centos debian hacktoberfest hardening information-security openscap security security-compliance security-hardening security-tools systemd ubuntu vagrant
Language:Jinja 511
elastic / go-libaudit
go-libaudit is a library for communicating with the Linux Audit Framework.
golang auditd audit-logs
Language:Go 139
bfuzzy1 / auditd-attack
A Linux Auditd rule set mapped to MITRE's Attack Framework
auditd auditd-attack auditdrules linux mitre-attack security
85
Scribery / aushape
A library and a tool for converting audit logs to XML and JSON
audit auditd rsyslog json xml convert stream log file
Language:C 41
ITNerdbox / OS-Hardening
Hardening the Linux operating system for Debian like distributions.
auditd auditing debian hardening kernel linux os-hardening pam-cracklib ssh
Language:Shell 34
chef-cookbooks / auditd
Install and configure user mode auditd tools
chef auditd cookbook hacktoberfest
Language:HTML 33
Mosuan / AuditdPy
!!!不建议使用了，可以使用AuditBeat!!! Linux服务器命令监控辅助脚本，ElasticSearch + Logstash + Kibana + Redis + Auditd
auditd auditdpy elkraa python
Language:Python 28
xeraa / auditbeat-in-action
Demo for Elastic's Auditbeat and SIEM
auditbeat auditd elasticsearch filebeat siem
Language:HCL 24
ShellCode33 / ArchLinux-Hardened
ArchLinux setup which focuses on desktop security
apparmor archlinux auditd btrfs encryption hardening luks secure-boot security wayland
Language:Python 20
codewhitesec / apollon
Proof-of-Concept to evade auditd by writing /proc/PID/mem
auditd auditd-attack detection dfir evasion monitoring threat-hunting linux-evasion
Language:C 18
codewhitesec / daphne
Proof-of-Concept to evade auditd by tampering via ptrace
auditd auditd-attack detection dfir evasion monitoring threat-hunting linux-evasion
Language:C 15
j91321 / ansible-role-auditbeat
Ansible role to install auditbeat for security monitoring. (Ruleset included)
auditd auditbeat elasticsearch auditd-attack monitoring security siem elk-stack ansible ansible-role
Language:Jinja 15
robertdebock / ansible-role-auditd
Install and configure auditd on your system.
ansible auditd molecule monitoring playbook security system tox
Language:Jinja 14
alex-leonhardt / auditr
A small Go program to read /var/log/audit/audit.log
security-audit security-tools auditd golang go golang-application golang-tools linux linux-tools ci-gocd
Language:Go 11
dcsteve24 / Ansible-Linux-Install-ELK-Stack
Installs 7.X ELK Stack on CentOS, RHEL, Ubuntu, or Debian
ansible ansible-role auditd centos debian elk elk-stack filebeat filebeat-module rhel ubuntu
6
gurucleff / logstash-auditd
logstash 5.4 auditd filter
auditd filebeat logstash
5
gibbs / puppet-auditd
Puppet auditd module
puppet puppet-module auditd
Language:Ruby 3
simp / pupmod-simp-auditd
The SIMP auditd Puppet Module
auditd kernel puppet simp simp-ecosystem
Language:Ruby 3
angelbarrera92 / ansible-role-auditbeat
An Ansible Role that installs Auditbeat on RedHat/CentOS or Debian/Ubuntu.
ansible ansible-role auditbeat auditd beats elasticsearch
Language:Python 2
appvia / auditd-container
Simple alpine image with auditd intended usage is to be used in combination with docker-desktop kubernetes to allow building a seccomp profiles with the kubernetes-sigs/security-profiles-operator
auditd kind kubernetes seccomp security-profiles-operator
Language:Dockerfile 2
athoune / audisp-go
golang audisp client for auditd
auditd
Language:Go 2
lprat / SLDS
Secure Linux Debian Script
security security-hardening hardening linux auditd ossec
Language:Perl 2
tricktux / file-audit-system
:eyes: File monitoring software that will log file access to configured directories on the system.
auditd cpp linux-kernel
Language:CMake 2
0mp / openbsm
OpenBSM-auditd-based plugin for Linux Audit audispd
audit auditd linux-audit linux freebsd openbsm auditdistd audispd audit-logs
Language:C 1
buluma / ansible-role-auditd
Install and configure auditd on your system.
ansible ansible-role auditd molecule tox
Language:Jinja 1
jquiterio / auquery
Linux auditd report and query
auditd linux python security-audit
Language:Python 1
kpetku / terselog
Timestamped outbound IPv4 and IPv6 connection logs for humans
auditd audispd network-logs logs
Language:Go 1
litew / linux-audit-notes
Notes about linux-audit subsystem (kernel & userspace)
auditd linux-audit notes
Language:HTML 1
mismailzz / CMAuditd_v2
CMAuditd (version 2) is a free and open-source GUI designed to be used with Auditd, which is the userspace component of the Linux Auditing System. It provides more functionality and a better interface than its previous version.
auditd linux-auditing userspace-component python gui linux security audit automation devops application rule-writing
Language:Python 1
nshadov / auditd-configuration
Basic auditd configuration.
auditd auditing linux-audit security
1
while-true-do / ansible-role-sys_audit
An Ansible Role to install and configure audit.
ansible ansible-role centos redhat fedora audit security system compliance-as-code auditd compliance automation
Language:Python 1
PLZENTERTEXT / autopsy-sigmaa-ingest-module
An Autopsy data source ingest module for detection of IOCs in EVTX for Windows and Auditd for Linux based on SIGMA Rules.
auditd autopsy evtx sigma sigma-rules
Language:Python 0
robertripoll / auth-notification-alert
Python script to notify about successful SSH logins
auditd geoip geoip2 login notification python python3 ssh successful telegram telegram-api
Language:Python

auditd

bfuzzy / auditd-attack

threathunters-io / laurel

wagga40 / Zircolite

konstruktoid / ansible-role-hardening

elastic / go-libaudit

bfuzzy1 / auditd-attack

Scribery / aushape

ITNerdbox / OS-Hardening

chef-cookbooks / auditd

Mosuan / AuditdPy

xeraa / auditbeat-in-action

ShellCode33 / ArchLinux-Hardened

codewhitesec / apollon

codewhitesec / daphne

j91321 / ansible-role-auditbeat

robertdebock / ansible-role-auditd

alex-leonhardt / auditr

dcsteve24 / Ansible-Linux-Install-ELK-Stack

gurucleff / logstash-auditd

gibbs / puppet-auditd

simp / pupmod-simp-auditd

angelbarrera92 / ansible-role-auditbeat

appvia / auditd-container

athoune / audisp-go

lprat / SLDS

tricktux / file-audit-system

0mp / openbsm

buluma / ansible-role-auditd

jquiterio / auquery

kpetku / terselog

litew / linux-audit-notes

mismailzz / CMAuditd_v2

nshadov / auditd-configuration

while-true-do / ansible-role-sys_audit

PLZENTERTEXT / autopsy-sigmaa-ingest-module

robertripoll / auth-notification-alert